X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fstatic.ts;h=75e30353c37a868df3398b482ae4abcf9ddb54d1;hb=be0f59b4eec3c2c4dcd151e2b174be39dff1568e;hp=ce5d0c5fa2b2bdad0b795e33cd7b1c5fa4773f67;hpb=3f6d68d9671ddb7ba1c4f3a35021b84856dafb6a;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/controllers/static.ts b/server/controllers/static.ts
index ce5d0c5fa..75e30353c 100644
--- a/server/controllers/static.ts
+++ b/server/controllers/static.ts
@@ -1,14 +1,16 @@
 import * as cors from 'cors'
 import * as express from 'express'
-import { CONFIG, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS, ROUTE_CACHE_LIFETIME } from '../initializers'
+import { CONFIG, ROUTE_CACHE_LIFETIME, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS } from '../initializers'
 import { VideosPreviewCache } from '../lib/cache'
-import { cache } from '../middlewares/cache'
+import { cacheRoute } from '../middlewares/cache'
 import { asyncMiddleware, videosGetValidator } from '../middlewares'
 import { VideoModel } from '../models/video/video'
 import { VideosCaptionCache } from '../lib/cache/videos-caption-cache'
 import { UserModel } from '../models/account/user'
 import { VideoCommentModel } from '../models/video/video-comment'
-import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../models/nodeinfo'
+import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../../shared/models/nodeinfo'
+import { join } from 'path'
+import { root } from '../helpers/core-utils'
 
 const packageJSON = require('../../../package.json')
 const staticRouter = express.Router()
@@ -48,13 +50,13 @@ staticRouter.use(
 const thumbnailsPhysicalPath = CONFIG.STORAGE.THUMBNAILS_DIR
 staticRouter.use(
   STATIC_PATHS.THUMBNAILS,
-  express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE })
+  express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist
 )
 
 const avatarsPhysicalPath = CONFIG.STORAGE.AVATARS_DIR
 staticRouter.use(
   STATIC_PATHS.AVATARS,
-  express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE })
+  express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist
 )
 
 // We don't have video previews, fetch them from the origin instance
@@ -71,16 +73,31 @@ staticRouter.use(
 
 // robots.txt service
 staticRouter.get('/robots.txt',
-  asyncMiddleware(cache(ROUTE_CACHE_LIFETIME.ROBOTS)),
+  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.ROBOTS)),
   (_, res: express.Response) => {
     res.type('text/plain')
     return res.send(CONFIG.INSTANCE.ROBOTS)
   }
 )
 
+// security.txt service
+staticRouter.get('/security.txt',
+  (_, res: express.Response) => {
+    return res.redirect(301, '/.well-known/security.txt')
+  }
+)
+
+staticRouter.get('/.well-known/security.txt',
+  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)),
+  (_, res: express.Response) => {
+    res.type('text/plain')
+    return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
+  }
+)
+
 // nodeinfo service
 staticRouter.use('/.well-known/nodeinfo',
-  asyncMiddleware(cache(ROUTE_CACHE_LIFETIME.NODEINFO)),
+  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
   (_, res: express.Response) => {
     return res.json({
       links: [
@@ -93,10 +110,27 @@ staticRouter.use('/.well-known/nodeinfo',
   }
 )
 staticRouter.use('/nodeinfo/:version.json',
-  asyncMiddleware(cache(ROUTE_CACHE_LIFETIME.NODEINFO)),
+  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
   asyncMiddleware(generateNodeinfo)
 )
 
+// dnt-policy.txt service (see https://www.eff.org/dnt-policy)
+staticRouter.use('/.well-known/dnt-policy.txt',
+  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.DNT_POLICY)),
+  (_, res: express.Response) => {
+    res.type('text/plain')
+
+    return res.sendFile(join(root(), 'dist/server/static/dnt-policy/dnt-policy-1.0.txt'))
+  }
+)
+
+// dnt service (see https://www.w3.org/TR/tracking-dnt/#status-resource)
+staticRouter.use('/.well-known/dnt/',
+  (_, res: express.Response) => {
+    res.json({ tracking: 'N' })
+  }
+)
+
 // ---------------------------------------------------------------------------
 
 export {
@@ -161,13 +195,13 @@ async function generateNodeinfo (req: express.Request, res: express.Response, ne
         nodeDescription: CONFIG.INSTANCE.SHORT_DESCRIPTION
       }
     } as HttpNodeinfoDiasporaSoftwareNsSchema20
-    res.set('Content-Type', 'application/json; profile=http://nodeinfo.diaspora.software/ns/schema/2.0#; charset=utf-8')
+    res.contentType('application/json; profile="http://nodeinfo.diaspora.software/ns/schema/2.0#"')
   } else {
     json = { error: 'Nodeinfo schema version not handled' }
     res.status(404)
   }
 
-  return res.end(JSON.stringify(json))
+  return res.send(json).end()
 }
 
 async function downloadTorrent (req: express.Request, res: express.Response, next: express.NextFunction) {